safari

Packet Storm Exploit 2013-0903-1 - Apple Safari Heap Buffer Overflow

A heap memory buffer overflow vulnerability exists within WebKit's JavaScriptCore JSArray::sort(...) method. The exploit for this vulnerability is JavaScript code that shows how to use it for memory corruption of internal JS objects (Uint32Array, etc.) and subsequent arbitrary code execution (custom ARM/x64 payloads can be pasted into the JS code). This exploit affects Apple Safari version 6.0.1 for iOS 6.0 and OS X 10.7/8. Earlier versions may also be affected. It was obtained through the Packet Storm Bug Bounty program.




safari

Packet Storm Advisory 2013-0903-1 - Apple Safari Heap Buffer Overflow

A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. This method accepts the user-defined JavaScript function and calls it from the native code to compare array items. If this compare function reduces array length, then the trailing array items will be written outside the "m_storage->m_vector[]" buffer, which leads to the heap memory corruption. This finding was purchased through the Packet Storm Bug Bounty program.




safari

Safari Webkit Proxy Object Type Confusion

This Metasploit module exploits a type confusion bug in the JavaScript Proxy object in WebKit. The DFG JIT does not take into account that, through the use of a Proxy, it is possible to run arbitrary JS code during the execution of a CreateThis operation. This makes it possible to change the structure of, e.g., an argument without causing a bailout, leading to a type confusion (CVE-2018-4233). The type confusion leads to the ability to allocate fake JavaScript objects, as well as the ability to find the address in memory of a JavaScript object. This allows us to construct a fake JSCell object that can be used to read and write arbitrary memory from JavaScript. The module then uses a ROP chain to write the first stage shellcode into executable memory within the Safari process and kick off its execution. The first stage maps the second stage Mach-O (containing CVE-2017-13861) into executable memory, and jumps to its entrypoint. The CVE-2017-13861 async_wake exploit leads to a kernel task port (TFP0) that can read and write arbitrary kernel memory. The process's credential and sandbox structures in the kernel are overwritten and the meterpreter payload's code signature hash is added to the kernel's trust cache, allowing Safari to load and execute the (self-signed) meterpreter payload.




safari

The best virtual safaris to do from your living room

Get up close with some of the world's most amazing animals from the safety of your sofa




safari

Africa in the news: COVID-19, Côte d’Ivoire, and Safaricom updates

African governments take varying approaches to mitigate the spread of COVID-19

As of this writing, Africa has registered over 39,000 confirmed COVID-19 cases and 1,600 deaths, with most cases concentrated in the north of the continent as well as in South Africa. African countries have enacted various forms of lockdowns, external and internal border closures,…

       




safari

India makes for a great safari destination, here are a few


Raorchestes charius, Coorg

Looking for new subjects to shoot? Try dropping to the ground. That's where you will find the best true-life models for macro photography, suggests wildlife photographer Dr Caesar Sengupta. "Macro photography, which is producing larger than life images of small objects, is oriented around reptiles, amphibians and insects. While some insects and amphibians can be found in our backyards, reptiles aren't that common in an urban set-up," says Dr Sengupta.

He says the best times to shoot are before, during and immediately after the monsoon. "That's the time reptiles and amphibians come out. India has two biological hotspots - the Western Ghats, and the sub and eastern Himalayan region," says the expert, adding that the quality of output from a dedicated macro lens cannot be compared to that achieved with a regular lens. Here's your guide to clicking small wonders.


Insectivorous plant, Kaas plateau

The macro checklist
* Take care of your gear and yourself in the rains, where the forest floor can be treacherous. Carry high ankle shoes or gumboots.
* Macro photography is mostly done in low-light conditions - in the evening or at night. You need to have an external flash; organisms won't be bothered by it as their retina is not the same as ours.
* There are no venomous frogs in India, but you need to be careful with insects as they may bite or cause allergies. Personal protection is always important when entering a jungle. For reptiles, you need to know your subject well. You must know the striking distance of the reptile. It helps to travel with a biological or field expert.


Saw scaled viper, Bhagwan Mahaveer Wildlife Sanctuary, Goa. Pics Courtesy/Dr Caesar Sengupta

Top spots for hot shots
* Agumbe Rainforest Research Station in Karnataka is famous for king cobras and other species of reptiles and frogs. While the cobras aren't easily sighted, you can get permission to be a part of a rescue operation when the reptile has strayed into human territory. Dandeli and Coorg in Karnataka are also great spots.
* Bhagwan Mahaveer Wildlife Sanctuary in Goa is famous for various snakes such as Indian rock python, Russell's viper, as well as butterflies.


Indian Violet Tarantula, Goa

* Matheran is great for spotting green vine snakes, bamboo pit vipers, tarantulas and frogs.
* Within Mumbai, head to Sanjay Gandhi National Park (including Yeoor in Thane) and Maharashtra Nature Park in Mahim. Phansad, Bhimashankar and Amboli are must-visits, too. From September to October, head to Kaas plateau in Maharashtra to photograph insects and flowers.
* Thar desert is home to the Keeled rock, Sind sand, Persian micro and other geckos.





safari

How to dress like a grown up with Shane Watson: The safari look that can last a lifetime

Shane Watson took inspiration from Lauren Hutton for embracing this season's safari jacket trend. The British style expert advises investing in a khaki jacket for versatility.




safari

Fearless safari guide calmly shoos away a curious elephant

Eugene Troskie, 34, was repairing a waterhole's wooden perimeter in the Lions Place Lodge in Greater Kruger National Park, South Africa, when the inquisitive elephant noticed him.




safari

Cheetah climbs onto open-top Jeep on Serengeti safari in Tanzania, terrifying American tourists

A family from New Jersey filmed the close encounter with the cheetah, which made itself at home atop the Jeep as it rolled through the Serengeti in Tanzania on August 24.




safari

Safari tourists stifle their giggles as elephant scratches its butt on their car

An elephant moved from her herd to inspect the safari vehicle carrying tourists inside Greater Kruger National Park in South Africa. She turned around, then scratched her behind against the jeep.




safari

Hackers can use a Safari security vulnerability to gain access to a person's iPhone camera 

A security exploit in Apple's Safari web browser could let hackers access a person's iPhone camera or MacBook webcam, by impersonating a familiar website that already has access.




safari

How to Subscribe to RSS Feeds in Safari

RSS, also known as Really Simple Syndication, provides a great way to keep up with your favorite websites and skim through the headlines to find the articles. Safari makes it really simple to subscribe to a website's RSS feed in just a few clicks.









safari

Safari Books Online Takes Home 27th Annual CODiE Award for Best Consumer Information Resource

Safari Books Online, the leading on-demand digital library for technology, digital media and business professionals, today announced that it was named a winner in the Software & Information Industry Association's 27th Annual CODiE Awards.




safari

M&M launches new Scorpio starting at Rs 7.98 lakh; to take on Duster & Safari Storme

Gearing to meet an increasing competition in SUV segment, M&M launched the new Scorpio priced between Rs 7.98-11.46 lakh (ex-showroom Mumbai).




safari

Proposal to translocate Chandrapur tigers: Cannot be put in zoos, safaris, rescue centres, say experts